There seem to be different regions appearing across my AWS account.
My S3 bucket says Ohio (us-east-2);
however, the URL of my bucket says us-east-1 (N. Virginia):
https://s3.console.aws.amazon.com/s3/buckets/*****-bucket/?region=us-east-1&tab=overview
How do I find out what the actual region of my AWS resources is?
To choose a proper region, refer to this official doc:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
To find out which region your S3 bucket is in, check the Amazon S3 console:
https://s3.console.aws.amazon.com/s3/home
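If you prefer to check programmatically, here is a small sketch using boto3 (the bucket name is a placeholder; requires boto3 and configured credentials). Note the historical quirk: S3 reports us-east-1 buckets with a LocationConstraint of None.

```python
def normalize_location(constraint):
    """Map S3's GetBucketLocation result to a region name.

    For historical reasons S3 returns None for us-east-1 and "EU" for
    very old eu-west-1 buckets.
    """
    if constraint is None:
        return "us-east-1"
    if constraint == "EU":
        return "eu-west-1"
    return constraint

def bucket_region(bucket_name):
    # Hypothetical bucket name; requires boto3 and AWS credentials.
    import boto3
    resp = boto3.client("s3").get_bucket_location(Bucket=bucket_name)
    return normalize_location(resp["LocationConstraint"])
```

This should resolve the console confusion above: a bucket shown as Ohio really lives in us-east-2 regardless of which region the console URL happens to carry.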
I need to access an S3 bucket from AWS ParallelCluster nodes. I explored the s3_read_write_resource option in the ParallelCluster documentation, but it is not clear how the bucket can be accessed. For example, will it be mounted on the nodes, or will users be able to access it by default? I tested the latter by trying to access a bucket I declared using the s3_read_write_resource option in the config file, but was not able to access it (aws s3 ls s3://<name-of-the-bucket>).
I did go through this GitHub issue about mounting an S3 bucket using s3fs. In my experience, accessing objects through s3fs is very slow.
So, my question is,
How can we access the S3 bucket when using the s3_read_write_resource option in the AWS ParallelCluster config file?
These parameters are used in ParallelCluster to add S3 permissions to the instance role that is created for cluster instances. They are mapped to the CloudFormation template parameters S3ReadResource and S3ReadWriteResource and later used in the CloudFormation template (for example, here and here). There is no special way of accessing S3 objects.
To access S3 from a cluster instance, use the AWS CLI or any SDK. Credentials are obtained automatically from the instance role via the instance metadata service.
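As a minimal sketch of what this looks like from a node (bucket and key names are whatever you pass in; assumes boto3 is available), note that no credentials appear anywhere in the code:

```python
def split_s3_uri(uri):
    """Split an s3://bucket/key URI into (bucket, key)."""
    if not uri.startswith("s3://"):
        raise ValueError("not an S3 URI: " + uri)
    bucket, _, key = uri[len("s3://"):].partition("/")
    return bucket, key

def fetch_object(uri, local_path):
    # On a cluster node, boto3 picks up credentials from the instance
    # role automatically via the instance metadata service.
    import boto3
    bucket, key = split_s3_uri(uri)
    boto3.client("s3").download_file(bucket, key, local_path)
```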
Please note that ParallelCluster doesn't grant permissions to list S3 objects.
Retrieving existing objects from the S3 bucket defined in s3_read_resource, as well as retrieving and writing objects to the S3 bucket defined in s3_read_write_resource, should work.
However, "aws s3 ls" or "aws s3 ls s3://name-of-the-bucket" need additional permissions. See https://aws.amazon.com/premiumsupport/knowledge-center/s3-access-denied-listobjects-sync/.
I wouldn't use s3fs: it's not supported by AWS and it's been reported to be slow (as you've already noticed), among other reasons.
You might want to check the FSx section. It can create and attach an FSx for Lustre filesystem, which can import/export files to/from S3 natively. You just need to set import_path and export_path in this section.
When I go to the console in AWS by clicking the yellow cube in the top corner, it directs me to the following URL:
https://ap-southeast-1.console.aws.amazon.com/console/home?region=ap-southeast-1
This is correct, because my app is used primarily in Southeast Asia.
Now when I go to my S3 bucket, right-click, and select Properties, I see:
Bucket: examplebucket
Region: US Standard
I believe that when I first created my AWS account I set it to us-west-2 and later changed it to ap-southeast-1. Is there something I need to do to change the region of the S3 bucket from 'US Standard'?
In the navbar, under Global, it says "S3 does not require region selection," which is confusing to me.
The bucket is being used for photo storage. The majority of my web users are in Southeast Asia.
It would certainly make sense to locate the bucket closest to the majority of your users. Also, consider using Amazon CloudFront to cache objects, providing even faster data access to your users.
Each Amazon S3 bucket resides in a single region. Any data placed into that bucket stays within that region. It is also possible to configure cross-region replication of buckets, which will copy objects from one bucket to a different bucket in a different region.
The Amazon S3 management console displays all buckets in all regions (hence the message that "S3 does not require region selection"). Clicking on a bucket will display the bucket properties, which will show the region in which the bucket resides.
It is not possible to 'change' the region of a bucket. Instead, you should create a new bucket in the desired region and copy the objects to the new bucket. The easiest way to copy the files is via the AWS Command-Line Interface (CLI), with a command like:
aws s3 cp s3://source-bucket s3://destination-bucket --recursive
If you have many files, it might be safer to use the sync option, which can be run multiple times (in case of errors/failures):
aws s3 sync s3://source-bucket s3://destination-bucket
Please note that if you wish to retain the name of the bucket, you would need to copy to a temporary bucket, delete the original bucket, wait for the bucket name to become available again (10 minutes?), create the bucket in the desired region, then copy the objects to the new bucket.
I'm trying to copy Amazon AWS S3 objects between two buckets in two different regions with the Amazon AWS PHP SDK v3. This would be a one-time process, so I don't need cross-region replication. I tried to use copyObject(), but there is no way to specify the region.
$s3->copyObject(array(
    'Bucket'     => $targetBucket,
    'Key'        => $targetKeyname,
    'CopySource' => "{$sourceBucket}/{$sourceKeyname}",
));
Source:
http://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectUsingPHP.html
You don't need to specify regions for that operation. The SDK will find the target bucket's region and copy the object to it.
But you may be right: the AWS CLI has source-region and target-region attributes that don't exist in the PHP SDK. So you can accomplish the task like this:
Create an interim bucket in the source region.
Create the bucket in the target region.
Configure replication from the interim bucket to the target one.
Set an expiration rule on the interim bucket so files are deleted automatically after a short time.
Copy objects from the source bucket to the interim bucket using the PHP SDK.
All your objects will then be copied to the other region as well.
You can remove the interim bucket a day later.
Or just use the CLI with this single command:
aws s3 cp s3://my-source-bucket-in-us-west-2/ s3://my-target-bucket-in-us-east-1/ --recursive --source-region us-west-2 --region us-east-1
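If you'd rather stay in code than shell out to the CLI, here is a boto3 sketch (bucket and key names are placeholders; requires boto3 and credentials with read access to the source and write access to the destination). S3 performs the copy server-side, so it's enough to call copy_object against a client in the destination region:

```python
def copy_source(bucket, key):
    """Build the CopySource mapping that S3 copy calls expect."""
    return {"Bucket": bucket, "Key": key}

def cross_region_copy(src_bucket, src_key, dst_bucket, dst_key, dst_region):
    # Hypothetical bucket/key names; requires boto3 and AWS credentials.
    # The client points at the destination region; S3 pulls the object
    # from the source bucket server-side, so nothing transits locally.
    import boto3
    s3 = boto3.client("s3", region_name=dst_region)
    s3.copy_object(Bucket=dst_bucket, Key=dst_key,
                   CopySource=copy_source(src_bucket, src_key))
```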
A bucket in a different region could also be in a different account. What others have done is copy out of one bucket, save the data temporarily on local storage, then upload it to the other bucket with different credentials (if you have two regional buckets with different credentials).
The newest update to the CLI tool allows you to copy from bucket to bucket if they're under the same account, using something like what Çağatay Gürtürk mentioned.
Is it possible to get the ARN of an S3 bucket via the AWS command line?
I have looked through the documentation for aws s3api ... and aws s3 ... and have not found a way to do this.
It's always arn:PARTITION:s3:::NAME-OF-YOUR-BUCKET. If you know the name of the bucket and the partition it's in, you know the ARN; there's no need to 'get' it from anywhere.
The PARTITION will be aws, aws-us-gov, or aws-cn, depending on whether you're in general AWS, GovCloud, or China, respectively.
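Since the format is fixed, building the ARN is a one-liner (the bucket name below is a placeholder):

```python
def bucket_arn(bucket_name, partition="aws"):
    """Construct an S3 bucket ARN from its name and partition.

    partition is "aws" for general AWS, "aws-us-gov" for GovCloud,
    or "aws-cn" for China.
    """
    return "arn:{}:s3:::{}".format(partition, bucket_name)
```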
You can also get your S3 bucket's ARN by ticking the bucket's checkbox in the S3 management console, which opens a sidebar with an option to copy the bucket ARN.
AWS articles spell out the ARN format but never say where to go to see it. Highlighting my S3 bucket and spotting that Copy Bucket ARN button kept me sane for a few more hours.
I created 3 different buckets: 1 using the AWS management console and 2 using the boto API.
The bucket created using the AWS management console was created in the Tokyo region, whereas the ones created using boto were created in the us-east-1 region.
When I access my bucket using boto, how does it find out the correct region in which the bucket was created? Also, how does it choose which region to create a bucket in?
I have gone through the connection.py file in the boto source code, but I am not able to make any sense of it.
Any help is greatly appreciated!
You can control the location of a new bucket by specifying a value for the location parameter in the create_bucket method. For example, to create a bucket in the ap-northeast-1 region you would do this:
import boto.s3
from boto.s3.connection import Location

# Connect to the S3 endpoint in the target region, then create the
# bucket there by passing an explicit location.
c = boto.s3.connect_to_region('ap-northeast-1')
bucket = c.create_bucket('mynewbucket', location=Location.APNortheast)
In this example, I am connecting to the S3 endpoint in the ap-northeast-1 region, but that is not required. Even if you are connected to the universal S3 endpoint, you can still create a bucket in another location using this technique.
To access the bucket after it has been created, you have a couple of options:
You could connect to the S3 endpoint in the region where you created the bucket and then use the get_bucket method to look up your bucket and get a Bucket object for it.
You could connect to the universal S3 endpoint and use the get_bucket method to look up your bucket. In order for this to work, you need to follow the more restricted bucket naming conventions described here. This allows your bucket to be accessed via virtual-hosted-style addressing, e.g. https://mybucket.s3.amazonaws.com/. This, in turn, allows DNS to resolve your request to the correct S3 endpoint. Note that DNS records take time to propagate, so if you try to address your bucket this way immediately after it has been created, it might not work. Try again in a few minutes.
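For anyone on boto3 (boto's successor and the current SDK), a comparable sketch follows; the bucket name is a placeholder. One quirk worth knowing: us-east-1 is the default, and passing it as a LocationConstraint is rejected, so it must be omitted:

```python
def create_bucket_kwargs(bucket_name, region):
    """Build the kwargs for boto3's create_bucket call.

    us-east-1 is the default region and must NOT be passed as a
    LocationConstraint, or S3 rejects the request.
    """
    kwargs = {"Bucket": bucket_name}
    if region != "us-east-1":
        kwargs["CreateBucketConfiguration"] = {"LocationConstraint": region}
    return kwargs

def create_bucket(bucket_name, region):
    # Hypothetical bucket name; requires boto3 and AWS credentials.
    import boto3
    s3 = boto3.client("s3", region_name=region)
    return s3.create_bucket(**create_bucket_kwargs(bucket_name, region))
```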